1. The Commission shall assess the need for amendment of the list set out in Annex III and of the list of prohibited AI practices laid down in Article 5, once a year following the entry into force of this Regulation, and until the end of the period of the delegation of power laid down in Article 97. The Commission shall submit the findings of that assessment to the European Parliament and the Council.

2. By 2 August 2028 and every four years thereafter, the Commission shall evaluate and report to the EuropeanParliament and to the Council on the following:

• the need for amendments extending existing area headings or adding new area headings in Annex III;
• amendments to the list of AI systems requiring additional transparency measures in Article 50;
• amendments enhancing the effectiveness of the supervision and governance system.

3. By 2 August 2029 and every four years thereafter, the Commission shall submit a report on the evaluation and reviewof this Regulation to the European Parliament and to the Council. The report shall include an assessment with regard to thestructure of enforcement and the possible need for a Union agency to resolve any identified shortcomings. On the basis ofthe findings, that report shall, where appropriate, be accompanied by a proposal for amendment of this Regulation. Thereports shall be made public.

4. The reports referred to in paragraph 2 shall pay specific attention to the following:

• the status of the financial, technical and human resources of the national competent authorities in order to effectively perform the tasks assigned to them under this Regulation;
• the state of penalties, in particular administrative fines as referred to in Article 99(1), applied by Member States for infringements of this Regulation;
• adopted harmonised standards and common specifications developed to support this Regulation;
• the number of undertakings that enter the market after the entry into application of this Regulation, and how many of them are SMEs.

5. By 2 August 2028, the Commission shall evaluate the functioning of the AI Office, whether the AI Office has beengiven sufficient powers and competences to fulfil its tasks, and whether it would be relevant and needed for the properimplementation and enforcement of this Regulation to upgrade the AI Office and its enforcement competences and toincrease its resources. The Commission shall submit a report on its evaluation to the European Parliament and to the Council.

6. By 2 August 2028 and every four years thereafter, the Commission shall submit a report on the review of the progresson the development of standardisation deliverables on the energy-efficient development of general-purpose AI models, andasses the need for further measures or actions, including binding measures or actions. The report shall be submitted to theEuropean Parliament and to the Council, and it shall be made public.

7. By 2 August 2028 and every three years thereafter, the Commission shall evaluate the impact and effectiveness ofvoluntary codes of conduct to foster the application of the requirements set out in Chapter III, Section 2 for AI systemsother than high-risk AI systems and possibly other additional requirements for AI systems other than high-risk AI systems,including as regards environmental sustainability.

8. For the purposes of paragraphs 1 to 7, the Board, the Member States and national competent authorities shall provide the Commission with information upon its request and without undue delay.

9. In carrying out the evaluations and reviews referred to in paragraphs 1 to 7, the Commission shall take into account the positions and findings of the Board, of the European Parliament, of the Council, and of other relevant bodies or sources.

10. The Commission shall, if necessary, submit appropriate proposals to amend this Regulation, in particular taking into account developments in technology, the effect of AI systems on health and safety, and on fundamental rights, and in light of the state of progress in the information society.

11. To guide the evaluations and reviews referred to in paragraphs 1 to 7 of this Article, the AI Office shall undertake to develop an objective and participative methodology for the evaluation of risk levels based on the criteria outlined in the relevant Articles and the inclusion of new systems in:

• the list set out in Annex III, including the extension of existing area headings or the addition of new area headings in that Annex;
• the list of prohibited practices set out in Article 5; and
• the list of AI systems requiring additional transparency measures pursuant to Article 50.

12. Any amendment to this Regulation pursuant to paragraph 10, or relevant delegated or implementing acts, which concerns sectoral Union harmonisation legislation listed in Section B of Annex I shall take into account the regulatory specificities of each sector, and the existing governance, conformity assessment and enforcement mechanisms and authorities established therein.

13. By 2 August 2031, the Commission shall carry out an assessment of the enforcement of this Regulation and shallreport on it to the European Parliament, the Council and the European Economic and Social Committee, taking intoaccount the first years of application of this Regulation. On the basis of the findings, that report shall, where appropriate, beaccompanied by a proposal for amendment of this Regulation with regard to the structure of enforcement and the need fora Union agency to resolve any identified shortcomings.